On January 27, 2020, the Office of Compliance Inspections and Examinations (“OCIE”) of the U.S. Securities and Exchange Commission (“SEC”) released observations on cybersecurity and resiliency (the “Observations”). In them, OCIE presented several key cybersecurity issues that industry participants should seek to address such as the construction and implementation of a comprehensive cybersecurity program, the prevention of unauthorized access to systems, the theft of information, responding to cyber incidents, and vendor management. In doing so, OCIE highlighted elements of successful cybersecurity efforts.

The Wall Street Journal reported on November 21, 2019, that the Federal Reserve is considering whether to begin examining data storage technology service providers (“TSPs”) of the banks that it regulates.  While financial regulators have long scrutinized TSPs generally, this report indicates a new interest by a federal regulator in direct oversight of TSPs, particularly those that provide data storage on media such as the cloud.